Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Network Beaconing Identification] Update beaconing docs to add feature details of the transform #8518

Merged
merged 4 commits into from
Nov 20, 2023
Merged

[Network Beaconing Identification] Update beaconing docs to add feature details of the transform #8518

merged 4 commits into from
Nov 20, 2023

Conversation

sodhikirti07
Copy link
Contributor

@sodhikirti07 sodhikirti07 commented Nov 15, 2023
edited
Loading

What I did in this PR

Updated the README to add feature details and customizations from this HTML page. The HTML will be deleted after this PR is merged.

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.

Screenshots

Screenshots are in the comment section

@sodhikirti07 sodhikirti07 added the enhancement New feature or request label Nov 15, 2023
@sodhikirti07 sodhikirti07 requested review from a team as code owners November 15, 2023 15:33
@elasticmachine
Copy link

elasticmachine commented Nov 15, 2023
edited
Loading

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS
Pipeline View Test View Changes Artifacts preview preview

Expand to view the summary

Build stats

  • Start Time: 2023-11-20T16:05:16.475+0000

  • Duration: 17 min 14 sec

Test stats 🧪

Test Results
Failed 0
Passed 4
Skipped 0
Total 4

🤖 GitHub comments

Expand to view the GitHub comments

To re-run your PR in the CI, just comment with:

  • /test : Re-trigger the build.

qn895
qn895 reviewed Nov 15, 2023
View reviewed changes
packages/beaconing/elasticsearch/transform/pivot_transform/transform.yml
@@ -1,6 +1,6 @@
dest:
index: ml_beaconing-1.0.0
pipeline: 1.0.0-ml_beaconing_ingest_pipeline
index: ml_beaconing-1.1.0
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Out of curiosity, does this transform ever need unattended setting?

https://www.elastic.co/guide/en/elasticsearch/reference/current/put-transform.html

(Optional, boolean) If true, the transform runs in unattended mode. In unattended mode, the transform retries indefinitely in case of an error which means the transform never fails. Setting the number of retries other than infinite fails in validation. Defaults to false.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @qn895 we are looking into adding that flag for beaconing, but not just yet as we want to see how it's faring on LMD; https://github.com/elastic/security-team/issues/7922#issuecomment-1812819516

I think as soon as the ES change you linked has gone out then it should be safe to update

@sodhikirti07
Copy link
Contributor Author

README screenshots:

image

image

susan-shu-c
susan-shu-c reviewed Nov 15, 2023
View reviewed changes
packages/beaconing/docs/README.md Outdated Show resolved Hide resolved
packages/beaconing/docs/README.md Show resolved Hide resolved
@sodhikirti07 @susan-shu-c
Update packages/beaconing/docs/README.md
df3534a 
Co-authored-by: Susan <23287722+susan-shu-c@users.noreply.github.com>
@sodhikirti07 sodhikirti07 merged commit e70a009 into main Nov 20, 2023
4 checks passed
This was referenced Nov 20, 2023
Closed
Closed
@elasticmachine
Copy link

Package beaconing - 1.1.0 containing this change is available at https://epr.elastic.co/search?package=beaconing

@andrewkroh andrewkroh added the Integration:beaconing Network Beaconing Identification label Jul 22, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@qn895 qn895 qn895 left review comments

@susan-shu-c susan-shu-c susan-shu-c approved these changes

@ajosh0504 ajosh0504 Awaiting requested review from ajosh0504

@SourinPaul SourinPaul Awaiting requested review from SourinPaul

Assignees
No one assigned
Labels
enhancement New feature or request Integration:beaconing Network Beaconing Identification
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@sodhikirti07 @elasticmachine @susan-shu-c @qn895 @andrewkroh